COMMUNICATION SETTING MANAGEMENT SYSTEM

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to a communication setting management system for collectively managing communication settings that prescribe what kind of characteristics are to be imparted to what kind of communications when communications are made between communication entities.

2. Description of the Related Art

With the progress of networks in recent years, communication subjects, i.e. communication entities such as computers, communication apparatuses, and software components realized in an object-oriented manner, are connected to networks by wire or wirelessly, thereby making various communications in interconnection.

Here, a communication subject, i.e. a communication entity, means a computer having a communication function, a communication hardware apparatus such as a router, a software component realized in an object-oriented manner, and so on. Communication characteristics mean the speed or sequence of a communication, the degree or quality of its security, and the like. A communication setting means a process sequence that denotes the speed or quality of communication, an encryption algorithm, and parameters such as the length of an encryption key.
In communication between the communication entities connected to such a network, it is desirable that the characteristics of the communication are managed, that the network is exploited effectively, and that appropriate security is applied. As one proposal therefor, the security management system described in, e.g., Japanese Patent Application Laid-Open Publication No. 6-6347 discloses a system for distributing a security setting to a plurality of communication apparatuses.

In such a case, the characteristics of communication are allocated according to communication attributes; that is, a communication setting is allocated in a generic manner. Here, the communication attributes include a communication originator (a user name, a host name, a port number, etc.), a recipient (a user name, a host name, a port number, a service name, a file name, etc.), the communication variety (request contents, an argument, etc.), and the like.

Rules as to what kind of communication setting is allocated to each such set of communication attributes are called application rules, and such communication settings and application rules are together called a policy.

As a construction for managing such communication settings, a first prior art shown in Fig. 1 uses a notion like a setting level. Fig. 1 shows a communication setting management apparatus 1 that sets communication with respect to a plurality of communication entities 2_1 to 2_n connected to a network.

Here, the communication setting management apparatus (CSMA) 1 has an application rule entry/edit means 100, an application rule storing means 101, and a retrieval and response function unit 102. These means and function unit are constituted as hardware, or realized by software.

A setting level 200 is prepared for this communication setting management apparatus 1. The setting level 200 denotes different setting contents at a rough level, and the setting level per se does not denote concrete setting contents.

Instead, the setting level and collation information 201 giving the concrete setting contents are prepared separately. By collating the given setting level 200 with this collation information 201, it is decided what kind of setting is specifically applied to the communication entities 2_1 to 2_n.

An administrator collates only the setting levels 200 with each other, or collates a setting level 200 with the collation information 201, and describes the application rules that allocate a setting level to each communication by use of the application rule entry/edit means 100. The described application rules are stored in the application rule storing means (ARSM) 101.

The application rules are retrieved from the application rule storing means 101 by the retrieval and response function unit (R&RFU) 102 from time to time, thereby setting the corresponding communication entities 2_1 to 2_n. In this case, the application rule and the setting level are handled in distinction from each other. In other words, the policy is explicitly divided into the application rule and the setting level.

As a second prior art, without preparing the setting level 200 as in the method of Fig. 1, the administrator can also, as shown in Fig. 2, describe specifically the setting contents to be allocated when describing the application rule, by use of a detailed setting entry/edit means 103. In this case, it is essential that the administrator has detailed knowledge of the concrete setting contents (202); the application rules and settings are not distinguished from each other, but are handled inseparably and stored in an application rule and setting storing means (AR&SSM) 104. In other words, the policy mixes the application rule and the setting together.

Furthermore, as to the placement of the communication setting management apparatus 1, as shown in Fig. 3, a single communication setting management apparatus 1 serving a single purpose and use has conventionally set and managed the plurality of communication entities collectively. In Fig. 3, also for the setting relating to a communication, a sole communication setting management apparatus has imparted a setting to the communication entities 2_1 and 2_2 across the communication.

In the aforesaid prior art, in the case where the collation information 201 is concealed from the administrator, it is unnecessary for the administrator to have high-grade knowledge of the detailed setting contents. Input and editing are easy, but conversely, even an administrator who has the high-grade knowledge cannot input and edit by stepping into the detailed setting contents.

On the other hand, in the case where the collation information is provided to the administrator in the first prior art, and in the case of the aforesaid second prior art, the administrator can set finely by use of the high-grade knowledge, but an administrator not having the high-grade knowledge has difficulty in setting.

That is, it is impossible to satisfy simultaneously the request of an administrator who has the high-grade knowledge and desires to describe the finest policy and the request of an administrator who does not have the high-grade knowledge and desires to describe the policy readily, and there is the problem that management cannot be shared between administrators having different knowledge.

SUMMARY OF THE INVENTION

It is therefore an object of the present invention to provide a communication setting management system capable of simultaneously realizing a description of the finest communication setting requiring high-grade knowledge and a description of an easy application rule not requiring the high-grade knowledge, in the case where communication settings are distributed to many communication entities.

Furthermore, it is another object of the present invention to provide a communication setting management system capable of efficient management, in which a different setting can be realized in each management domain by placing the system in each domain.

According to a first aspect of the present invention, in order to solve the aforesaid problems, there is provided a communication setting management system designed to distribute a communication characteristics setting to a plurality of communication entities, comprising: setting template entry/edit means for entering or editing a setting template that collects contents to be set for the communication entities, with reference to information on a concrete method of setting the communication entities; setting template accumulation means for accumulating the setting template entered or edited by the setting template entry/edit means; application rule entry/edit means for entering or editing application rules prescribing which setting template is to be applied to a communication having what kind of attribute; application rule accumulation means for accumulating the application rules entered or edited by the application rule entry/edit means; and retrieval and response function means for selecting a corresponding application rule from the application rule accumulation means in accordance with the attribute of the destination communication entity to which the setting is distributed, reading from the setting template accumulation means the setting template having the setting template name specified by the application rule, and distributing the read setting template to the communication entity.

Preferably, the communication setting management system of the present invention further comprises setting template collective entering means for collectively entering a group of previously defined setting templates into the setting template accumulation means.

According to a second aspect of the present invention, there is provided a communication setting management system arranged to include a plurality of management domains each having at least one communication entity, the domains being connected via a network, the system comprising a communication setting management apparatus disposed in each of the plurality of management domains, the communication setting management apparatus disposed in a given management domain imparting, on a management domain basis, a different communication characteristics setting to communications between communication entities belonging to different management domains, the setting being managed on the basis of the corresponding management domain.

Preferably, the communication setting management system further comprises a contradiction detection function unit for mutually interchanging information with a communication setting management apparatus disposed in another management domain, and detecting a contradiction between that information and the setting templates and application rules of its own management domain.

Furthermore, the communication setting management system may further comprise a contradiction modification function unit for modifying a contradiction when the contradiction detection function unit detects that the setting templates specified according to the application rules are not coincident with each other.

The features of the present invention will become more apparent from the following detailed description of preferred embodiments when taken in conjunction with the accompanying drawings.
BRIEF DESCRIPTION OF THE DRAWINGS

Fig. 1 is a block diagram for explaining a first prior art;

Fig. 2 is a block diagram for explaining a second prior art;

Fig. 3 is a block diagram for explaining a third prior art;

Fig. 4 is a block diagram for explaining a constitution according to a first embodiment of the present invention;

Fig. 5 is a block diagram for explaining a constitution according to a second embodiment of the present invention;

Fig. 6 is a block diagram for explaining a constitution according to a third embodiment of the present invention;

Fig. 7 is a block diagram for explaining a constitution according to a fourth embodiment of the present invention;

Fig. 8 is a block diagram for explaining a constitution according to a fifth embodiment of the present invention;

Fig. 9 is a block diagram of a concrete constitutional example of a communication setting management apparatus according to the first embodiment of the present invention;

Fig. 10 is an illustration of setting templates to be stored in a setting template accumulation means according to the first embodiment of the present invention;

Fig. 11 is another illustration of setting templates to be stored in the setting template accumulation means according to the first embodiment of the present invention;

Fig. 12 is an illustration of application rules to be stored in an application rule accumulation means according to the first embodiment of the present invention;

Fig. 13 is an illustration of a screen for entering and editing setting templates displayed to an upper administrator according to the first embodiment of the present invention;

Fig. 14 shows a sample of an application rule entering and editing screen displayed to a general administrator according to the first embodiment of the present invention;

Fig. 15 is a flowchart for explaining an operation of a retrieval and response function unit according to the first embodiment of the present invention;

Figs. 16A and 16B show samples of setting template groups to be annexed collectively according to the first embodiment of the present invention;

Fig. 17 shows a sample of a placement of the communication setting management apparatus according to a second embodiment of the present invention;

Fig. 18 shows a sample of the setting templates shared by the communication setting management apparatus of systems A and B according to the second embodiment of the present invention;

Figs. 19A and 19B are illustrations showing the application rules of the systems A and B in Fig. 18;

Fig. 20 is an illustration for explaining an operation of a contradiction detection function;

Fig. 21 shows equivalence information and preference information of the setting templates;

Figs. 22A and 22B are illustrations for explaining an operation of contradiction modification;

Fig. 23 is a conceptual diagram of the contradiction modification; and

Figs. 24A and 24B show application rules after the contradiction modification.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

Hereinafter, embodiments of the present invention will be described with reference to the accompanying drawings. Incidentally, the drawings are prepared for illustrative purposes only, and accordingly the scope of protection of the present invention is not restricted by such drawings.

Fig. 4 is a diagram for explaining the notion of a first embodiment of a communication setting management system according to the present invention. In Fig. 4, a communication setting management apparatus 1 is constituted by an application rule storing means (ARSM) 11, a setting template storing means (STSM) 12, a retrieval and response function unit (R&RFU) 13, an application rule entry/edit means (ARE/EM) 14, and a setting template entry/edit means (STE/EM) 15. The functions corresponding to the function unit and means can be realized by hardware and software, as described above.

Settings to be transferred to communication entities are collected into named setting templates. The setting template entry/edit means 15 has a detailed setting input and edit function. An upper administrator 21 having high-grade knowledge refers to concrete setting method information 20 of each communication entity while the setting templates are input or edited by use of the setting template entry/edit means 15, and the templates are stored in the setting template storing means 12.

An application rule describes which setting template should apply to a communication having what kind of attribute. That is, an application rule is a combination of communication attributes and a setting template name. The application rules are input or edited using the application rule entry/edit means 14 by a standard administrator 22.

The application rule entry/edit means 14 has a setting template name read-out function, and reads out a summary of the names of the setting templates from the setting template storing means 12, which is presented to the administrator for selection.

The application rules thus entered or edited are stored in the application rule storing means 11. When a communication occurs and a setting is to be distributed to a communication entity 2, the retrieval and response function unit 13 selects the corresponding application rule from the application rule storing means 11 in accordance with the communication attributes of the distribution destination, and reads out the setting template having the setting template name specified therein from the setting template storing means 12. Then, it distributes this setting template to the communication entity of the distribution destination.

In this embodiment, the setting template storing means 12 and the setting template entry/edit means 15 are provided, and a method is used in which the combination one desires to exploit is fetched from the concrete setting method information 20, then input, edited, and stored.

Thus, typical setting templates are input by the upper administrator 21 having high-grade knowledge, and a standard administrator 22 can readily input the application rules without owning high-grade knowledge relating to the concrete setting method of each communication entity. Furthermore, the upper administrator 21 owning the high-grade knowledge relating to the concrete setting method examines even the detailed values in the setting templates by use of the setting template entry/edit means 15, and inputs and edits them, thereby producing the finest setting templates.

As described above, it is possible to fulfill both demands: that a setting is readily assigned without requiring the high-grade knowledge, in accordance with the administrator's knowledge, and that the finest setting is assigned by use of the high-grade knowledge.

Accordingly, management affairs are shared between the administrators 21 and 22 having different knowledge, so that the policy (settings and application rules) can be managed efficiently.
Here, in the constitution of the embodiment of Fig. 4, the setting template entry/edit means 15 peruses, inputs, and edits the setting templates through interactive input and output with the upper administrator 21, and in the case where many previously defined setting templates are prepared as data, interactive input requires much labor and efficiency is poor.

That is, in the constitution of the embodiment shown in Fig. 4, setting templates are input via the setting template entry/edit means 15, whose object is interactive input and editing by the administrator 21; in the case where already defined setting template groups exist, efficiency is poor.

Then, a communication setting management system in which the previously defined setting template groups can be input collectively is demanded. Fig. 5 is a diagram showing the notional structure of an embodiment in response to such demand.

The constitution of the embodiment of Fig. 5 is characterized in that, to the communication setting management apparatus 1 having the constitution of the embodiment of Fig. 4, a setting template collectively entering means (STCEM) 16, which prepares and collectively accepts the previously defined setting template groups 23 and stores them in the setting template storing means 12, is annexed.

The previously defined setting template groups 23 can be input collectively into the setting template storing means 12 without assistance of the administrator, by the setting template collectively entering means 16 for collectively receiving the previously defined setting template groups 23. Thus, the previously defined setting template groups 23 can be input efficiently, and in particular this is effective when setting template groups corresponding to a function newly mounted by the designer of the communication entities are distributed.

Here, among policies concerning communications, there are policies whose settings must be equal across both ends of a communication, but there can also be policies that need not be equal. Taking security as an example, in the case of encrypting communication contents, the type of encryption algorithm and the length of the key to be used must be set equally, but a policy of communication audit, e.g. a setting of whether or not a log is taken, need not be equal.

Furthermore, the parameters of the communication attributes in which one desires to describe the application rule differ across the communication. For example, in the case of a communication in which a user of a client accesses a file in a server, it is easy for the domain at the client side to describe the application rule for the user as an attribute. However, as there is less knowledge of the file, the description for the objective file as an attribute is hard to render.

On the other hand, it is easy for the domain at the server side to describe the application rule for the file as an attribute, but as there is less knowledge of the user, the description for the user as an attribute is hard to render. In such a case, it is desirable that different application rules can be described at the server side and the client side.

In the case of the above two examples, as shown in Fig. 3, if only one communication setting management apparatus 1 exists while the two domains are different systems, the system not having the communication setting management apparatus 1 must request the mating system to change the policy, which requires much labor and is inefficient.

As a constitution according to the present invention for solving such problems, Fig. 6 shows a placing method of the communication setting management apparatus (CSMA) 1.

In Fig. 6, a communication entity (CE) 2 is in a management domain (MD) 4, and a plurality of management domains 4 are connected to each other via a network (NW) 3. One communication setting management apparatus 1 is placed in each management domain 4, and the setting is fed into the communication entities 2 within the management domain 4 by each communication setting management apparatus 1.

Here, the management domain 4 may correspond to any region, and is generally partitioned per system managing the communication entities 2. The communication entities 2 within a management domain 4 are connected to each other, and furthermore they are also connected to the network 3 coupling the management domains 4 (not shown).

As described above, the communication setting management apparatus 1 is placed in each management domain 4, whereby a policy of communication (setting templates and application rules) which may differ across the communication, or for which differing is convenient, can be described and managed in each of the respective domains. Thus, the inefficiency that occurs where there is only one communication setting management apparatus 1, such as a change request to a mating system, can be eliminated.

Here, in the constitution shown in Fig. 6, as a communication setting management apparatus 1 is placed in each of the management domains, there is the possibility that a setting which needs to be equalized across the communication is described with different setting contents.

For example, if a policy (settings or application rules) in which different encryption algorithms are applied across a certain communication is input, the communication cannot be achieved, due to the difference in the encryption algorithms, when the communication actually occurs.

Accordingly, as a constitution of an embodiment for solving such problems, a conceptual structure is shown in Fig. 7. That is, in the case where a communication setting management apparatus 1 is placed in each domain 4 as in the structure of Fig. 6, the constitution of the embodiment of Fig. 7 relates to a communication setting management system capable of settling a contradiction in the settings or application rules that occurs between the communication setting management apparatus 1 of different domains.

In the constitution of the embodiment of Fig. 7, a contradiction detection function unit (CDFU) 17, which mutually exchanges information with the communication setting management apparatus 1 of the different domains and detects contradictions of the settings or application rules using that information, is annexed to the communication setting management apparatus 1 of the constitution of the embodiment of Fig. 4. Thus, in the communication setting management apparatus 1, it is possible to resolve a contradiction attributed to the specification of different setting templates applied by the communication setting management apparatus 1 of the other domains.

That is, as the communication setting management apparatus 1 has the aforesaid contradiction detection function unit 17, it is possible to detect a contradiction of the policy (setting templates and application rules) relative to the communication setting management apparatus 1 of the communication-mating management domain. Thus, it can be avoided that contradicting setting templates are imparted to the communication entities and, as a result, the communication entities fail to communicate with the mate, etc.

Here, in the constitution of the embodiment of Fig. 7, a contradiction of the policy (settings or application rules) can be detected, but modifying the detected contradictions by re-entering or editing the settings or application rules requires much labor and is inefficient.
As one of the causes of contradictions, it is considered that the setting templates selected as a result of applying the application rules, or gatherings of the setting templates, differ. A conceptual diagram of the structure of an embodiment in view of such points is shown in Fig. 8.

In the constitution of the embodiment of Fig. 8, the communication setting management apparatus 1 is further provided with a contradiction modification function unit (CMFU) 18. If the contradiction detection function unit 17 detects any contradiction, it requests the contradiction modification function unit 18 to modify it.

In the case where the detected contradiction is attributed to the fact that the application rules specify different setting templates or gatherings of setting templates, and moreover the difference can be modified by given rules (not shown), the contradiction modification function unit 18 deems this contradiction to be modifiable. It is not particularly prescribed in the present invention how a contradiction deemed modifiable should be handled, but, e.g., it is considered that the contradiction is accepted without being deemed a contradiction as it can be modified, or that the modified result is stored in the application rule storing means 14 as a new application rule.

As described above, in the constitution of the embodiment of Fig. 8, the contradiction modification function unit 18 performs the aforesaid action, whereby it is possible to deem modifiable a contradiction attributed to the fact that the setting templates specified by the application rule differ from those of the communication mate, or that the gatherings of the setting templates are not completely coincident with each other, etc., and alternatively it is possible to actually modify the contradiction.

Thus, it becomes possible to automatically avoid and modify the contradictions attributed to the aforesaid causes without requiring modifications by hand by the administrators 21, 22.

Hereinafter, a concrete embodiment will be explained for the case where the communication setting management system to which the aforesaid embodiment notions are applied is used for management of the security settings of communication.

Fig. 9 is a diagram showing a concrete embodiment for the case where the communication setting management system to which the aforesaid embodiment notions are integrally applied is used for management of the security settings of communication, showing a constitutional example of the communication setting management apparatus 1 and the entire system provided therewith.

It is not necessary that the information 20 on the concrete setting method of each communication entity is retained inside the communication setting management apparatus 1. In this embodiment, it is retained inside the communication setting management apparatus 1 as in Fig. 9.
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In this embodiment, an attribute for distinguishing 
respective communications from each other is supposed to 
comprise next three parameters. That is, a subject, an action, 
and an object. 

6 Hereinafter, the subject is a user name, and the object 

is a type of server, and the action is a process for the server 
as the object, comprising a read and a write. ^ 

Fig. 10 is a constitutional example of the concrete 
setting method information 20 of the communication entity. 
10 This information 20 denotes a method of setting a security 
function having possibilities that the information is tabled 
and supported by the communication entity. If receiving a 
character Btring in the information table, the communication 
entity is supposed to apply a corresponding security function. 
15 The security is divided into three fields of 

authentication 200, concealment 201, and log record (audit) 
202 in this embodiment. 

Furthermore, four types of optional limbs are shown in 
the authentication 200, i.e. settings by exploiting RSA 
20 algorithm with a key of 512 bits, a key of 1024 bits, and a 
key of 204 8 bits, and no authentication. 

Three optional limbs are shown in the concealment 201, 
i.e. a DES encryption, a Triple DES encryption, and no 
concealment. Furthermore, two optional limbs are shown in the 
25 log record 202, i.e. presence and absence, simply. 

Fig. 11 is a constitutional example of the setting 
templates stored in the setting template storing means 12. 

20 
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The setting templates comprise a combination of a setting 
template name 210 , and a concrete setting contents 211 acquired 
from the information 20 of the concrete setting method of the 
aforesaid communication entity. In the example shown in Fig. 
5 11 , a comment 212 is annexed thereto as auxiliary information. 

Fig. 12 is a constitutional example of the application 
rules stored in the application rule storing means 11. Admin, 
Customer, and User specified as the subject 220 are not individual 
user names but the names of the groups to which the users belong, 
denoting in sequence an administrator group, a customer group, 
and a generic user group. 

The information on a user's membership in a group 
is stored in each management domain by a storing means (not 
shown), and the administrators 21, 22 or the communication 
setting management apparatus 1 can freely procure it. 

Next, in the constitution of the embodiment of Fig. 9, 
operations for realizing the notion of the embodiment of Fig. 
4 will be explained. The first sequence is the input of the 
setting templates. 

Fig. 13 is a sample of the screen displayed when 
the upper level administrator 21, who has the high-grade 
knowledge of the setting method (the security setting method 
in this example), inputs the setting templates by use of the 
setting template entry/edit means 15. 

In Fig. 13, a new setting template called "T04" 
is being annexed. Four options are denoted in the part of 
the authentication 200 of the setting contents 211. 
These options are obtained from the information 20 of 
the concrete setting method of the communication entities shown 
in Fig. 10. 

The upper administrator 21 decides which authentication 
method is proper with reference to the information 20 and inputs 
it. The thus-input setting template is stored in the setting 
template storing means 12 by the setting template entry/edit 
means 15. 

The second sequence is the input of the application rules. 
Fig. 14 is an example of the screen displayed when the 
general administrator 22, who does not have the high-grade 
knowledge, inputs the application rules by use of the 
application rule entry/edit means 14. 

Fig. 14 describes the security setting applied when a person 
of a related company (Ext staff group) reads out from a design 
drawing server. Five setting template names (T00, T01, T02, 
T03, T04) read out from the setting template storing means 
12, together with their comments, are presented as options. 
These are obtained from the contents of the setting template 
storing means 12 shown in Fig. 11, and after input as described 
above, the application rules are stored in the application rule 
storing means 11. 

Fig. 15 is an operational flow of an embodiment in which 
the setting templates are distributed to the communication 
entities 2 based on the information prepared through the 
aforesaid two sequences. Normally, the retrieval and response 
function unit 13 waits for demands from the communication 
entities 2 (300). 

When a communication starts with a command from a user, 
the communication entity 2 issues a request to the communication 
setting management apparatus 1 in order to be informed of what 
kind of setting should be applied to the communication. At 
this time, the user name as the subject 220, the server name as 
the object 222, and the desired operation as the action 221 are 
reported to the communication setting management apparatus 1 
as the attributes of the communication. It is here supposed 
that they are "yamada", "personnel information server", and 
"read". 

If the communication setting management apparatus 1 
receives a request from the communication entity 2 (301-YES), 
the request is analyzed to obtain the three items (220, 221, 222) 
of the aforesaid attributes (302). 

Next, application rules which conform to these attributes 
are retrieved from the application rule storing means 11 (303). 
At this time, as group names are described in the column 
of the subject 220 of the application rules in this example, 
it is necessary to obtain the group names to which the user 
name belongs from the storing means (not shown). 

It is here supposed that the user "yamada" belongs only 
to the group "User". Then, since the application rule 
conforming to these attributes is the one in the sixth line of 
Fig. 12, it is understood that the setting template named 
"T02" should be applied. 

If no corresponding application rule is discovered 
(304-NO), an error is replied to the communication entity 2 
and the apparatus returns to the request waiting state (305). 

In the case where one is discovered, as in this example, the 
retrieval and response function unit 13 retrieves the setting 
template named "T02" from the setting template storing means 
12 (306). This is returned to the communication entity 2 (307), 
and the apparatus returns to the request waiting state again. 

The communication entity 2 sets the communication 
characteristics in accordance with the received setting 
template. That is, in this example, according to Fig. 11, the 
authentication (200) is made with a 512-bit key by the RSA 
algorithm, the contents of the communication are encrypted (201) 
by the DES algorithm, and the setting is executed so as to leave 
a record of the communication in a log (202). 

Incidentally, it is not, in particular, prescribed in 
the present invention how the communication entity 2 interprets 
and sets the setting templates. 

Next, in the constitution of the embodiment of Fig. 9, 
operations for realizing the notion of the embodiment of Fig. 
5 will be explained. 

It is here supposed that a communication entity 2 
capable of realizing concealment by the RC4 encryption algorithm 
is newly introduced into a certain system. At this time, the 
designer of such a communication entity 2 and the upper 
administrator 21 having the high-grade knowledge prepare the 
setting template group 23 shown in Fig. 16A, and instead of 
entering the templates one by one, they can readily annex 
them to the setting template storing means 12 by use of the 
setting template collective entry means 16. 

The setting template storing means 12 confirms whether 
or not each setting template included in the given setting 
template group 23 contradicts the information on the allowable 
setting contents 211 shown in Fig. 16B. If there is no problem, 
each one is sequentially annexed to the setting template storing 
means 12. After all templates that contradict the information 
on the setting contents 211 have been received, the invalid ones 
are collectively notified to the input staff. 
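The retrieval flow of Fig. 15 (steps 300 to 307) and the collective template entry with validation of Fig. 16, as an added example written for this page; it is not code from the patent. The template contents, rule lines, group memberships and the names SettingManager, SettingTemplate and ApplicationRule are constructed for illustration.

```python
"""Added example: single-domain communication setting management apparatus.

Template contents (Fig. 11), application rules (Fig. 12) and group
memberships are constructed here for illustration, not taken from the patent.
"""
from dataclasses import dataclass


# Fig. 10: concrete setting method information 20, i.e. the options a
# communication entity reports that it supports, per security field.
SUPPORTED = {
    "authentication": {"RSA-512", "RSA-1024", "RSA-2048", "none"},
    "concealment": {"DES", "3DES", "none"},
    "log": {"on", "off"},
}


@dataclass(frozen=True)
class SettingTemplate:      # Fig. 11: name 210, contents 211, comment 212
    name: str
    contents: dict          # security field -> chosen option
    comment: str = ""


@dataclass(frozen=True)
class ApplicationRule:      # Fig. 12: subject 220 (a group), action 221, object 222
    subject: str
    action: str
    obj: str
    template: str


class SettingManager:
    """Communication setting management apparatus 1 for one management domain."""

    def __init__(self, supported=SUPPORTED):
        self.supported = supported
        self.templates = {}         # setting template storing means 12
        self.rules = []             # application rule storing means 11, priority order
        self.groups = {}            # user name -> set of group names (storing means not shown)

    # --- setting template entry/edit means 15 and collective entry means 16 ---
    def check_template(self, t):
        """Return the (field, value) pairs that are not allowable contents."""
        return [(f, v) for f, v in t.contents.items() if v not in self.supported.get(f, ())]

    def add_templates(self, templates):
        """Fig. 16: store every valid template, then report all invalid ones
        together instead of stopping at the first contradiction."""
        rejected = {}
        for t in templates:
            bad = self.check_template(t)
            if bad:
                rejected[t.name] = bad
            else:
                self.templates[t.name] = t
        return rejected

    # --- retrieval and response function unit 13 ---
    def resolve(self, user, action, obj):
        """Steps 302 to 307 of Fig. 15: expand the user name to its groups,
        scan the rules in priority order (lowest line wins) and return the
        first matching template, or None (step 305, an error reply) if none."""
        member_of = self.groups.get(user, set())
        for rule in self.rules:
            if rule.subject in member_of and (rule.action, rule.obj) == (action, obj):
                return self.templates[rule.template]
        return None


def build_example():
    """Populate an apparatus with constructed Fig. 11 / Fig. 12 data."""
    m = SettingManager()
    m.add_templates([
        SettingTemplate("T00", {"authentication": "none", "concealment": "none", "log": "off"}, "no security"),
        SettingTemplate("T01", {"authentication": "RSA-1024", "concealment": "none", "log": "on"}, "authenticate only"),
        SettingTemplate("T02", {"authentication": "RSA-512", "concealment": "DES", "log": "on"}, "DES, logged"),
        SettingTemplate("T03", {"authentication": "RSA-2048", "concealment": "3DES", "log": "on"}, "strongest"),
    ])
    m.groups = {"yamada": {"User"}, "suzuki": {"User", "Admin"}}
    m.rules = [
        ApplicationRule("Admin", "write", "personnel information server", "T03"),
        ApplicationRule("Admin", "read", "personnel information server", "T01"),
        ApplicationRule("Customer", "read", "catalog server", "T00"),
        ApplicationRule("User", "write", "personnel information server", "T03"),
        ApplicationRule("User", "read", "general server", "T01"),
        ApplicationRule("User", "read", "personnel information server", "T02"),   # sixth line
    ]
    return m


if __name__ == "__main__":
    m = build_example()
    print(m.resolve("yamada", "read", "personnel information server").name)   # T02
    # A new entity supporting RC4 arrives: its templates are rejected until the
    # supported options (information 20) are extended with "RC4".
    print(m.add_templates([SettingTemplate("T10", {"authentication": "RSA-1024",
                                                   "concealment": "RC4", "log": "on"})]))
```

Two points the flow leaves to the implementer: the entity should fail closed when resolve returns None rather than fall back to an unprotected setting, and the option lists reproduce the patent's own examples; a present-day deployment would not carry 512-bit RSA or single DES in the supported set at all.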

Next, as a concrete embodiment 2, constitutional 
examples and operations of Figs. 6 to 7 are denoted for the case 
where a different system constitutes each management domain 4. 

Fig. 17 is a concrete example of a method of placing 
the communication setting management apparatus 1 shown in Fig. 
6. When a communication occurs across systems A, B, the 
communication setting management apparatus 1 of the management 
domain 4 to which each of the communication entities 21, 22 
involved in the communication belongs feeds its setting. The 
management domain 4 is divided into each of the systems A, B, 
and each one is supposed to be an enterprise. 

The interior of each communication setting management 
apparatus 1 is the same as in the embodiment described already, 
and is supposed to have the constitution of Fig. 9. Furthermore, 
the communication setting management apparatuses 1 of the systems 
A, B share the setting templates shown in Fig. 18, which are 
stored in the respective setting template storing means 12. 

Figs. 19A and 19B are the application rules of the systems 
A, B, respectively. In the system B, the application rules 
shown already are supposed to be stored in the application 
rule storing means 11 of the communication setting management 
apparatus 1. 

In this case, the case where the application rules 31, 
32 shown in the drawing are input in the system A is considered. 
Incidentally, the lower the number of an application rule, 
the higher its priority; i.e. the rules are retrieved in 
ascending order of number, and the first one which conforms 
is applied. 

As explained in Fig. 6, the placement of the communication 
setting management apparatus 1 in each management domain 4 
is advantageous in that a different policy can be input in each 
management domain 4. 

For example, in the case where the application rules 
31 are input, with respect to a communication whose 
subject 220 is the User group, whose object 222 is a general server, 
and whose action 221 is a read, the different setting templates 
T21 in the system A and T22 in the system B are allocated. 
According to Fig. 18, however, the templates T21, T22 
differ only in the presence or absence of the log record 202. 
The log record 202 need not be equal on both ends of the 
communication. Namely, since it does not matter that the log 
is recorded on the one hand and not recorded on the other, 
such a setting is valid. 

Furthermore, in the case where the application rules 
32 are input, the setting templates are allocated to a group 
named User in the system A and a group named Section A in 
the system B. In the system A, the users are managed with a 
division into a generic user group User and an administrator 
group Admin. On the other hand, if in the system B the users 
are managed with a division into department A: Section A and 
department B: Section B, it is easier to describe the 
application rules in terms of Section A and Section B. 

However, in the case where the User group overlaps 
the Section A group, i.e. where there exists a user belonging 
to both groups, the different setting templates T23 in the 
system A and T24 in the system B are allotted to that user. 
For this reason, there is a possibility that a contradiction 
occurs. 

Concrete examples of Figs. 6 to 8 which detect, avoid, 
or modify such contradictions will be explained below. 

Although the contradiction detection function unit 17 
obtains the contents of the information to be transmitted to or 
received from the other management domain 4, the concrete 
contradiction detection algorithm used by the unit 17 depends 
on the attributes of the communication, the describing method 
of the application rules, and the like, and is not particularly 
limited in the present invention. 
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Here, a simple contradiction detecting method is 
explained as a sample in which overlapping of groups is simply 
examined by use of the attributes information of the groups, 
and the contradictions or equivalent relations between, the 
setting templates are imparted as separate information. 
Incidentally, as the other contradiction detecting methods, 
a describing method, etc. are enumerated in Japanese Parent 
Application Laid-Open Publication 6-6347 described above. 

Fig. 20 is an illustration for explaining the operations 
of contradiction detection. If the application rules 31 are 
input (300), the contradiction detection function unit 17 of 
the communication setting management apparatus 1 of the system 
A requests a summary of the application rules and the group 
position information from the communication setting management 
apparatus 1 of the system B (301). 

The communication setting management apparatus 1 of the 
system B receives this request and returns the summary of 
the application rules and the group position information of 
Fig. 18 (302). Next, the contradiction detection function unit 
17 of the system A collates the input application rules with 
the application rules of the system B one by one in sequence, 
and inspects whether or not there is overlapping in the 
attributes (the subject attribute in this case) by use of the 
group position information if necessary, while inspecting the 
presence or absence of a contradiction (303). 

Here, it is supposed to be first simply decided that, 
if the setting template names are different from each other, 
they are contradictory. If the application rules 31 are input, 
the contradiction detection function unit 17 collates them 
with the three application rules of the system B in sequence, and 
the initial collation with the first application rule allows it to 
recognize that the three attributes are completely coincident 
with each other despite the difference in the allocated 
setting templates. 

Then, they are here once deemed to be contradictory. 
Furthermore, if the application rules 32 are input, they are 
not contradictory to the first application rule, but as 
the allocated setting templates differ relative to the second 
application rule, it is recognized that there is a possibility 
of a contradiction, and next, as the object and action, which 
are two of the three attributes, are coincident with each other, 
the question arises whether or not the remaining subject groups 
overlap. 

Then, the unit 17 collates the group position information 
of the system B with the group position information of the 
system A, and inspects whether or not the User group overlaps 
the Section A group. If it overlaps, it is here once deemed 
to be contradictory. 

If the contradiction is not to be modified, the 
application rules deemed to be contradictory are, for example, 
reported to the administrator, thereby urging a re-input (304). 

Next, a method of modifying the detected contradiction 
as described above will be described. Fig. 21 is an illustration 
for explaining an operational example of contradiction 
modification. In this operational example, the contradiction 
modification function unit 18 is supposed to have two pieces 
of information (not shown): equivalence information and 
priority information of the setting templates. Examples of 
these are shown in Fig. 22. 

At first, the contradiction modification function unit 
18 detects a contradiction (400), collates the detected 
contradiction with the equivalence information, and inspects 
whether to disregard it (401). Even if the setting template names 
differ across the communication, some differences do not matter. 
Therefore, the equivalence information denotes combinations 
of setting templates which are deemed to be equivalent. 

For example, in the input of the application rules 31, 
the difference between the setting templates T21, T22 is detected 
as a contradiction, but as this difference relates only to the 
presence or absence of the log record, it is described in the 
equivalence information that T21 and T22 are deemed to be 
equivalent (refer to Fig. 22A). Then, this difference is 
deemed not to be contradictory. 

Next, the contradiction modification function unit 18 
collates the detected contradiction with the priority 
information (refer to Fig. 22B), and inspects whether or not 
it can be modified according to the priority order (402). 
The priority information denotes combinations of setting 
templates between which a priority order exists, together with 
which setting template may be modified into the other. 
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For example, in the input of the application rules 32, 
as described above, there occurs a contradiction that, in the 
overlapping between the User group and the Section A group, 
T23 is selected on the one hand and T24 is selected on. the 
5 other hand. 

However, the difference between T23 and T24 is one of 
encryption algorithm, and if the selection of the stronger 
encryption algorithm is adopted as the resolution, then, as 
Triple DES (T24) is stronger than DES (T23), T23 is modified 
into T24, thereby avoiding the contradiction. 

In the case where the contradiction is modified, the change 
of the application rules must be transmitted to the system 
B, and at this time, it is decided which application rules 
out of the systems A, B are modified (403). In the above example 
(Fig. 22B), as T23 to be modified is allocated in the system 
A, the application rules 32 of the system A should be modified 
in the overlapping part 500 of the groups (refer to Fig. 23 
denoting the relation of the groups). 

However, since the allocation of T23 of the system A 
remains valid in the non-overlapping part, only the overlapping 
part becomes the modification result, and the position number 
at which the application rules are inserted is decided so as 
not to exert influence on the other parts (refer to Fig. 23). 

In the case of this sample, it is necessary that the 
application rules of the system B are annexed ahead of number 
2 in the system A, and the application rules of the system 
A are annexed behind number 2 in the system B (406). This 
decision result is transmitted to the contradiction 
modification function unit of the communication setting 
management apparatus of the system B (404), and the application 
rules are annexed to the application rule storing means 
in its own part as described above (405). 
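The detection of Fig. 20 (step 303) and the modification of Figs. 21 to 23 (steps 401 to 406), as one added example written for this page; it is not code from the patent. The rules of both systems, the group position information, the equivalence and priority tables (Figs. 22A, 22B) and the names Rule, Finding, detect and modify are constructed for illustration. The example generalizes the text's case slightly: it decides which side loses from the priority table, so either system's rule can be the one modified.

```python
"""Added example: cross-domain contradiction detection and modification.

All rule sets, group memberships and the equivalence/priority tables are
constructed for illustration; none are taken from the patent's figures.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    subject: str     # group name (220)
    action: str      # 221
    obj: str         # 222
    template: str    # allocated setting template name


@dataclass(frozen=True)
class Finding:
    rule_a: Rule
    index_b: int          # 1-based number of the conflicting rule in system B
    rule_b: Rule
    overlap: frozenset    # users belonging to both subject groups


# Fig. 22A / 22B (constructed): pairs that may be disregarded, and pairs with
# a priority order (the value is the template to keep).
EQUIVALENT = {frozenset({"T21", "T22"})}          # differ only in log record 202
PREFERRED = {frozenset({"T23", "T24"}): "T24"}     # Triple DES over DES

# Group position information of each system (constructed).
GROUPS_A = {"User": {"sato", "yamada"}, "Admin": {"suzuki"}}
GROUPS_B = {"User": {"sato", "tanaka", "kimura"},
            "Section A": {"sato", "tanaka"}, "Section B": {"kimura"}}

# Application rules; a lower number has higher priority (constructed).
RULE_31 = Rule("User", "read", "general server", "T21")
RULE_32 = Rule("User", "read", "design drawing server", "T23")
RULES_A = [RULE_31, RULE_32]
RULES_B = [Rule("User", "read", "general server", "T22"),
           Rule("Section A", "read", "design drawing server", "T24"),
           Rule("Section B", "write", "design drawing server", "T24")]


def detect(rule_a, rules_b, groups_a=GROUPS_A, groups_b=GROUPS_B):
    """Step 303: collate one input rule of A with B's rules in order.
    Differing template names are first deemed contradictory; the pair is
    reported only if object and action coincide and the subject groups share
    a member (an identical group name always counts as coincident)."""
    findings = []
    for number, rb in enumerate(rules_b, 1):
        if rb.template == rule_a.template or (rb.action, rb.obj) != (rule_a.action, rule_a.obj):
            continue
        members_a = groups_a.get(rule_a.subject, set())
        members_b = groups_b.get(rb.subject, set())
        same_name = rb.subject == rule_a.subject
        overlap = (members_a | members_b) if same_name else (members_a & members_b)
        if same_name or overlap:
            findings.append(Finding(rule_a, number, rb, frozenset(overlap)))
    return findings


def modify(finding, rules_a, number_a, rules_b):
    """Steps 401 to 406. Returns (status, rules_a, rules_b, overlap_group).
    An equivalent pair is ignored; a pair with no priority order is reported
    for re-input (304). Otherwise the overlapping part of the groups gets the
    preferred template through a new rule inserted ahead of the losing rule in
    its own system, and the losing rule is appended behind the winning rule in
    the other system so that it applies there only to non-overlapping members."""
    pair = frozenset({finding.rule_a.template, finding.rule_b.template})
    if pair in EQUIVALENT:
        return "ignored", list(rules_a), list(rules_b), None
    if pair not in PREFERRED:
        return "report", list(rules_a), list(rules_b), None
    winner = PREFERRED[pair]
    name = f"{finding.rule_a.subject}&{finding.rule_b.subject}"   # overlapping part 500
    overlap_group = (name, finding.overlap)
    bridge = Rule(name, finding.rule_a.action, finding.rule_a.obj, winner)
    new_a, new_b = list(rules_a), list(rules_b)
    if winner == finding.rule_b.template:              # A's allocation loses (Fig. 23)
        new_a.insert(number_a - 1, bridge)              # ahead of number_a in A
        new_b.insert(finding.index_b, finding.rule_a)   # behind index_b in B
    else:                                              # B's allocation loses
        new_b.insert(finding.index_b - 1, bridge)
        new_a.insert(number_a, finding.rule_b)
    return "modified", new_a, new_b, overlap_group


if __name__ == "__main__":
    for number, rule in enumerate(RULES_A, 1):
        for f in detect(rule, RULES_B):
            status, a, b, grp = modify(f, RULES_A, number, RULES_B)
            print(rule.template, "vs", f.rule_b.template, "->", status, grp)
```

The synthetic group created for the overlapping part (here "User&Section A") must be registered in the group storing means of both domains before the new rule can be resolved at request time; the example returns its membership for that purpose rather than mutating the group tables.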

Thus, the application rule storing means 11 of the systems 
A, B are as illustrated in Fig. 24. Incidentally, in the aforesaid 
embodiment 2, a method of examining the presence or absence of 
overlapping among the members of all the groups by use of 
the group position information is used, but if the groups are 
defined so as not to overlap each other, or another method of 
knowing the presence or absence of overlapping is prepared, 
the detection of overlapping may be rendered by use thereof. 

Furthermore, overlapping is inspected only in the user 
groups as the subject in the above examples, but as mentioned 
in "Conflict Analysis for Management Policies" (Fifth IFIP/IEEE) 
by E. Lupu and M. Sloman, it is possible to similarly inspect 
the other attributes. 

Furthermore, it is assumed that the equivalence 
information and priority information of the setting templates 
have been prepared separately and the contradiction 
modification is rendered with them, but the means or the 
necessary information for disregarding contradictions or 
modifying to a new setting template is not limited thereto. 

According to the present invention, in the communication 
setting management apparatus which distributes communication 
settings to a plurality of communication entities, it is 
possible to simultaneously realize the description of the finest 
communication settings, which requires the high-grade knowledge, 
and the description of the easy application rules, which does 
not require it, and to use both properly according to the 
administrator's knowledge. 

Furthermore, the communication setting management 
apparatus is placed in each management domain, whereby the 
management when realizing different settings in each management 
domain is made efficient. Furthermore, at that time, it becomes 
possible to automatically detect a contradiction of the policy 
(settings and application rules) that occurs relative to the 
mating management domain, or to automatically modify it, rather 
than manually. 